Questions tagged [hipaa]

Health Insurance Portability and Accountability Act, a subset of the ASC X12 EDI standard for the transfer of healthcare-related information.

HIPAA in this context refers to the data transmission standards mandated by the U.S. healthcare privacy act. It is based on the 004010 and 005010 versions of the X12 EDI standard, maintained by DISA.

The specific messages involve transferring inquiries, notifications, billing information and procedures between both healthcare providers (such as doctors, hospitals and other services) and billing agencies.

The Washington Publishing Company has the responsibility of publishing the actual standards documents.

105 questions
1
vote
2 answers

Storing DICOM headers in SQL & HIPAA

I am reading DICOM headers and storing them in a database. Is there a list of DICOM objects that need to be stored encrypted or anonymized in order to be HIPAA compliant? This is the sort of list of DICOM tags we are storing: PatientID,…
qmo
0
votes
1 answer

Get 278 Response message to resolve properly

I am trying to process the response message for an X12 278 message and the XML that is being produced does not seem to be following the schema properly. When the raw/native format runs through the EDI pipeline, the message comes out looking like…
Mike Stonis
0
votes
1 answer

Does BizTalk 2010 Support HIPAA 278 - 005010X216

I looked at the BizTalk HIPAA 5010 Version Support page and they have the 278 schema listed, but it is only the 005010X217 version. It also doesn't look like WPC has a schema for 278 005010X216 either. The 005010X216 definition is different enough…
Mike Stonis
0
votes
1 answer

Error received after submitting translated 4010 xml to legacy webservice

Good Afternoon. I am sending a 270 to the state (Michigan) and receiving a 271 which I then transform into a 4010 version of the 271 so that a legacy webservice can attempt to absorb the data. The webservice is using dbml and LINQ to translate the…
0
votes
0 answers

xhtml2pdf Python library and HIPAA compliance

I work in healthcare / IT and want to use xhtml2pdf to produce PDF files out of patient information. Is it safe to use xhtml2pdf? I don't want information to leak and I'm not completely certain that xhtml2pdf is safe. Please let me know your…
B Mathew
0
votes
1 answer

Is PyPDF HIPAA-Compliant? I would love to use this library at my healthcare organization

I'm doing some research into solutions to convert very sensitive documents from a FHIR API into readable PDF files, and my biggest concern is HIPAA-compliance. Is any data stored using the PyPDF libraries? Thank you so much! Can't find any real…
0
votes
0 answers

Calendar for React JS

I am looking to integrate an OPENSOURCE, free calendar/scheduler for a medical practice app, so a receptionist could book appointments (different types) for multiple clinicians. It needs to show multiple views (of different clinicians), integrate with…
0
votes
0 answers

How to set protocol and cipher to be hipaa compliant using python ssl

I am configuring an SSL context to be HIPAA compliant. According to this document, the connection must use at least TLS 1.2+ and use one of the approved ciphers. How do I configure the context to use the right ciphers and protocol? I can't seem to…
sakurashinken
0
votes
1 answer

Google Cloud - HIPAA Compliance - PgAudit vs IAM Audit Logs

Our infrastructure is hosted on Google Cloud and uses PostgreSQL instances via Cloud SQL. I need to configure logging for HIPAA compliance. I have read 2 articles from Google's…
0
votes
1 answer

Should HIPAA compliance not allow offline storage in Mobile Native Applications?

Should HIPAA compliance not allow offline storage in Mobile Native Applications? I don't know if already there is this sort of regulation in HIPAA. I assume there is no such thing. If you feel this question need not be asked in this forum, I request…
RK-
0
votes
1 answer

De-Identifying PHI For HIPAA

I have a SQL DB which contains PHI, hosted on AWS. I want to access this data to perform analytics, however, I must de-identify the data first to comply with HIPAA. How should I approach this? I have thought of a few approaches: Simply de-identify…
user13514973
0
votes
1 answer

When a G-Suite form is embedded on external website, does any form data get stored on the host site?

This question comes up because of very specific HIPAA requirements. A Covered Entity (CE), e.g., a doctor, can't use a cloud storage provider (CSP) unless they have a Business Associate Agreement (BAA) with the CSP, even if the data are encrypted and the…
0
votes
0 answers

Should I use separate databases for HIPAA and PCI-DSS compliant data?

My question is mostly theoretical, but if I have an application (for example for a private clinic) which stores their patient's health information (HIPAA), accepts payments with cards and stores payment history (PCI-DSS), and stores other…
0
votes
1 answer

Azure long-term audit log

We have a medical application that requires to store audit logs for 6 years (HIPAA requirement). Looking at the new Azure Monitor service, it seems it will retain information for a maximum of 730 days (see…
Jaime
0
votes
0 answers

Patient ID (PHI) in Azure Storage Blob Object Key

My requirement is to use Patient ID (PHI) in Storage Blob object key. Example - "/storagename/Z360A1109/report.html" where "Z360A1109" is Patient ID. If I query this object WITHOUT VNet Service Endpoint for Blob Storage enabled, then it's a clear…
dilzfiesta